Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

risk assessment - safety analysis - security audit

Why are people so bad at risk assessment? Blame the brain

Stakeholders and CISOs tend to have different perspectives on estimating the risk of a potential cybersecurity incident. Understanding the psychological aspects can help bridge the gap.

mike hanley github cso

GitHub’s Mike Hanley: Today’s CISOs have to be out talking to customers

As the CISO role expands beyond conventional expectations, what it takes to be successful in the role is also changing, with customer focus and having a deep understanding of business context at the center, says GitHub CSO Mike Hanley....

timbrown solarwinds ciso 3x2

SolarWinds CISO: Know your adversary, what they want, watch everything

The compromise of SolarWinds' Orion software changed the company's approach to security. Tim Brown shares some hard-won advice for how CISOs and software vendors should prepare for supply chain attacks.

please stand by problem technical difficulties tv mistake test screen by filo getty

Facebook outage a prime example of insider threat by machine

A buggy automated audit tool and human error took Facebook offline for six hours. Key lesson for CISOs: Look for single points of failure and hedge your bets.

Antivirus / virus alert / warning / security threats / protection from attack

How to configure Microsoft Defender for cloud-based attacks

Malware delivered through cloud services such as OneDrive or SharePoint will try to disable and evade Defender. These simple settings will help prevent that.

programmer developer devops apps developer code hacker dark secrets by peopleimages getty

How software reliability can help drive software security

Adopting both devsecops and site reliability engineering concepts increases software availability and security by improving stability and shortening time to implement fixes.

mark adams adobe cso headshot

How Adobe reduced compliance fatigue

With compliance putting undo strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...

ransomware breach hackers dark web

Conti ransomware explained: What you need to know about this aggressive criminal group

The Conti ransomware group is less likely to help victims restore encrypted files and more likely to leak exfiltrated data.

Insider threats  >  Employees suspiciously peering over cubicle walls

How disinformation creates insider threats

Employees who believe disinformation are more susceptible to social engineering and phishing campaigns, and attackers know it.

noops code developer devops html web developer by mazimusnd getty

NIST's new devsecops guidance to aid transition to cloud-native apps

The NIST guidance dives into technical and procedural nuances associated with implementing devsecops with cloud-native applications and microservices architectures.

cyber attack alert / data breach

5 steps to security incident response planning

Most firms will experience a breach or vulnerability that exposes sensitive data. Minimizing impact on business and reputation depends on having a strong response plan before an incident happens.

CSO > breakthrough / penetration testing / hammer breaking binary glass

10 essential skills and traits of ethical hackers

Learn just what it takes to snag this demanding and rewarding job.

Allison Miller, CISO and vice president of trust, Reddit

Reddit’s Allison Miller builds trust through transparency

Miller joined the social media company in February 2021, assuming a range of responsibilities, from security and privacy to trust and safety, that reflect broadening of the CISO position itself—a role she summarizes as “keeping...

A binary mask.

How deepfakes enhance social engineering and authentication threats, and what to do about it

Cybercriminals are investing in deepfake technology to make social engineering and authentication bypass campaigns more effective. Here are strategies for defending against the most notable deepfake cyberthreats.

programmer developer devops apps developer code hacker dark secrets by peopleimages getty

10 top API security testing tools

Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to mitigate the Microsoft Office zero-day attack

Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.

One person uses a calculator while another reviews financial data.

The new math of cybersecurity value

An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.

banana peel slip accident mistake fall by rapideye getty

8 pitfalls that undermine security program success

Don’t let these easy-to-overlook mistakes trip up your security strategy.

binary code flows around a corporate structure / cybersecurity / technology companies

The 10 most powerful cybersecurity companies

What makes these 10 security vendors the biggest power players? We break it down.

high priority gauge

CISOs’ 15 top strategic priorities for 2021

Mitigating third-party risk, baking security into the development process, defending against ransomware attacks, keeping pace with digital transformation efforts—these are just a few things that are top-of-mind for CISOs today.

Load More

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.